U.S. patent application number 10/960497 was filed with the patent office on 2005-05-19 for radio communication system and radio terminal.
Invention is credited to Fukui, Hiroaki.
Application Number | 20050107089 10/960497 |
Document ID | / |
Family ID | 34542435 |
Filed Date | 2005-05-19 |
United States Patent
Application |
20050107089 |
Kind Code |
A1 |
Fukui, Hiroaki |
May 19, 2005 |
Radio communication system and radio terminal
Abstract
An access-point announces change of a password to a client every
time a predetermined time passes. The client displays the password
notified by the access-point, and a user seeing the password sets
the password and continues communication. The access-point decrypts
the received packet data with the announced password.
Inventors: |
Fukui, Hiroaki; (Fuchu-shi,
JP) |
Correspondence
Address: |
Finnegan, Henderson, Farabow,
Garrett & Dunner, L.L.P.
1300 I Street, N.W.
Washington
DC
20005-3315
US
|
Family ID: |
34542435 |
Appl. No.: |
10/960497 |
Filed: |
October 8, 2004 |
Current U.S.
Class: |
455/452.1 ;
455/405 |
Current CPC
Class: |
H04W 12/069 20210101;
H04W 4/16 20130101; H04L 63/18 20130101; H04W 76/38 20180201; H04L
63/083 20130101 |
Class at
Publication: |
455/452.1 ;
455/405 |
International
Class: |
H04Q 007/20 |
Foreign Application Data
Date |
Code |
Application Number |
Oct 9, 2003 |
JP |
2003-351053 |
Claims
What is claimed is:
1. A radio communication system capable of executing radio
communication with a radio terminal and allowing the radio terminal
to be connected to a network, the system comprising: radio
communication means for executing the radio communication with the
radio terminal; connection time measuring means for measuring a
radio communication time with the radio terminal using the radio
communication means; and communication control means for
controlling the radio communication means to terminate the radio
connection with the radio terminal if the time measured by the
connection time measuring means has passed a preset time.
2. The radio communication system according to claim 1, further
comprising termination announcing means for announcing the
termination of the radio connection to a user of the radio terminal
before the radio connection is terminated by the communication
control means.
3. The radio communication system according to claim 2, further
comprising remaining time measuring means for measuring a time
remaining until the radio connection is terminated by the
communication control means, wherein the termination announcing
means notifies the user of the radio terminal of the remaining time
measured by the remaining time measuring means.
4. The radio communication system according to claim 3, wherein if
the radio communication means receives a preset response signal
from the radio terminal before the remaining time measured by the
remaining time measuring means runs out, the communication control
means continues the radio connection with the radio terminal.
5. The radio communication system according to claim 2, wherein the
termination announcing means comprises announcement displaying
means for visually announcing the termination of the radio
connection.
6. The radio communication system according to claim 2, wherein the
termination announcing means controls the radio communication means
to announce the termination of the radio connection to the user of
the radio terminal through the radio terminal.
7. The radio communication system according to claim 1, further
comprising termination announcing means for announcing the
termination of the radio connection to a user of the radio terminal
and notifying the user of a password, before the radio connection
is terminated by the communication control means, wherein if the
radio communication means receives a response signal using the
password from the radio terminal, the communication control means
continues the radio connection with the radio terminal.
8. The radio communication system according to claim 7, further
comprising remaining time measuring means for measuring a time
remaining until the radio connection is terminated by the
communication control means, wherein the termination announcing
means notifies the user of the radio terminal of the remaining time
measured by the remaining time measuring means, and if the radio
communication means receives a response signal using the password
from the radio terminal before the remaining time measured by the
remaining time measuring means runs out, the communication control
means continues the radio connection with the radio terminal.
9. The radio communication system according to claim 7, wherein the
termination announcing means comprises announcement displaying
means for visually announcing the termination of the radio
connection.
10. The radio communication system according to claim 7, wherein
the termination announcing means controls the radio communication
means to announce the termination of the radio connection to the
user of the radio terminal through the radio terminal.
11. The radio communication system according to claim 1, further
comprising termination announcing means for announcing the
termination of the radio connection to a user of the radio terminal
if the time measured by the connection time measuring means has
passed a preset time.
12. A radio terminal capable of executing radio communication with
a radio station accommodated in a network to connect to the
network, the radio terminal comprising: radio communication means
for executing the radio communication with the radio station; and
communication control means for controlling the radio communication
means to terminate the radio communication with the radio station
if the radio communication means receives a preset control signal
from the radio station.
13. The radio terminal according to claim 12, further comprising
termination announcing means for announcing the termination of the
radio connection to a user before the radio connection is
terminated by the communication control means.
14. The radio terminal according to claim 13, further comprising
remaining time measuring means for measuring a time remaining until
the radio connection is terminated by the communication control
means, wherein the termination announcing means notifies the user
of the remaining time measured by the remaining time measuring
means.
15. The radio terminal according to claim 14, further comprising
inputting means for accepting a request from the user, wherein if
the inputting means accepts a preset request before the remaining
time measured by the remaining time measuring means runs out, the
communication control means continues the radio connection with the
radio terminal.
16. The radio terminal according to claim 12, further comprising
inputting means for accepting input of a password from the user,
wherein if the inputting means accepts a preset password, the
communication control means continues the radio connection with the
radio terminal.
17. The radio terminal according to claim 16, further comprising:
remaining time measuring means for measuring a time remaining until
the radio connection is terminated by the communication control
means; and termination announcing means for announcing the
termination of the radio connection to the user and informing the
user of the remaining time measured by the remaining time measuring
means, before the radio connection is terminated by the
communication control means, wherein if the inputting means accepts
the preset password before the remaining time measured by the
remaining time measuring means runs out, the communication control
means continues the radio connection with the radio terminal.
18. The radio terminal according to claim 12, further comprising:
connection time measuring means for measuring a radio communication
time with the radio station using the radio communication means;
and termination announcing means for announcing the termination of
the radio connection to the user if the time measured by the
connection time measuring means has passed a preset time.
Description
CROSS-REFERENCE TO RELATED APPLICATIONS
[0001] This application is based upon and claims the benefit of
priority from prior Japanese Patent Application No. 2003-351053,
filed Oct. 9, 2003, the entire contents of which are incorporated
herein by reference.
BACKGROUND OF THE INVENTION
[0002] 1. Field of the Invention
[0003] This invention relates to radio communication systems such
as mobile communication systems, for example, wireless LAN, a
mobile telephone, etc.
[0004] 2. Description of the Related Art
[0005] Recently, a wireless LAN network has been constructed and a
hot-spot service providing the internet connection service has
become popular. The "hot-spot" implies a radio communication area
in which the service can be obtained. This service is often
provided in, for example, cafes and restaurants to attract
customers.
[0006] However, the radio communications area offering the service
may extend out of the shops and stores, and persons outside them
can obtain the service. For this reason, the communications may be
intercepted or unauthorized access to the communications may be
made To prevent the unauthorized access, encryption has been
executed in the steps of WEP (Wired Equivalent Privacy), i.e. the
wireless LAN standard based on IEEE 802.11. According to this
method, however, there is a problem that the unauthorized access
can be made for a long time by decrypting an encryption key.
BRIEF SUMMARY OF THE INVENTION
[0007] The present invention has been accomplished to solve the
above-described problems. The object of the present invention is to
provide a radio communication system and a radio terminal capable
of preventing a long-time unauthorized access to the
communications.
[0008] According to an aspect of the present invention, there is
provided a radio communication system capable of executing radio
communication with a radio terminal and allowing the radio terminal
to be connected to a network. The system comprises radio
communication means for executing the radio communication with the
radio terminal, connection time measuring means for measuring a
radio communication time with the radio terminal using the radio
communication means, and communication control means for
controlling the radio communication means to terminate the radio
connection with the radio terminal if the time measured by the
connection time measuring means has passed a preset time.
[0009] According to the present invention, as stated above, the
time of radio communication with the radio terminal is measured. If
the radio communication time has passed a preset time, the radio
connection with the radio terminal is terminated.
[0010] Since the radio connection with the radio terminal is
terminated in accordance with the radio communication time with the
radio terminal, a long-time unauthorized access can be
prevented.
[0011] Additional objects and advantages of the invention will be
set forth in the description which follows, and in part will be
obvious from the description, or may be learned by practice of the
invention. The objects and advantages of the invention may be
realized and obtained by means of the instrumentalities and
combinations particularly pointed out hereinafter.
BRIEF DESCRIPTION OF THE SEVERAL VIEWS OF THE DRAWING
[0012] The accompanying drawings, which are incorporated in and
constitute a part of the specification, illustrate presently
preferred embodiments of the invention, and together with the
general description given above and the detailed description of the
preferred embodiments given below, serve to explain the principles
of the invention.
[0013] FIG. 1 shows a wireless LAN system according to an
embodiment of the present invention;
[0014] FIG. 2 shows a flowchart of operations of the wireless LAN
system according to the first embodiment;
[0015] FIG. 3 shows an example of information displayed on a
display unit shown in FIG. 1;
[0016] FIG. 4 shows a flowchart of operations of the wireless LAN
system according to a second embodiment of the present
invention;
[0017] FIG. 5 shows an example of information displayed on a
display unit of a client shown in FIG. 1;
[0018] FIG. 6 shows an example of information displayed on a
display unit shown in FIG. 1;
[0019] FIG. 7 shows a password table stored by an access-point and
the client shown in FIG. 1;
[0020] FIG. 8 shows a flowchart of operations of the wireless LAN
system according to a third embodiment of the present
invention;
[0021] FIG. 9 shows an example of information displayed on a
display unit of a client shown in FIG. 1;
[0022] FIG. 10 shows a flowchart of operations of the wireless LAN
system according to a fourth embodiment of the present
invention;
[0023] FIG. 11 shows a format of packet data transmitted and
received between the access-point and the client shown in FIG.
1;
[0024] FIG. 12 shows a password table stored by an access-point and
the client shown in FIG. 1; and
[0025] FIG. 13 shows a flowchart of operations of the wireless LAN
system according to a fifth embodiment of the present
invention.
DETAILED DESCRIPTION OF THE INVENTION
[0026] Embodiments of the present invention will be explained below
with reference to the accompanying drawings.
[0027] FIG. 1 shows a wireless LAN system according to a first
embodiment of the present invention. The wireless LAN system shown
in the figure is constructed in, for example, a cafe, a restaurant
or a specific area, and includes an access-point 1, a client 2, a
control unit 3, a display unit 4a, a display unit 4b, and a server
7.
[0028] The access-point 1 is controlled by the control unit 3 to
carry out radio communication with the client 2. A hot-spot 8 is
formed as an area in which radio communication with the client 2
can be made. In addition, the access-point 1 executes communication
with the server 7 via Internet 6. Then, the access-point 1
packetizes the data and executes relay communication between the
client 2 and the server 7.
[0029] The client 2 is a radio terminal having the wireless LAN
function, such as a personal computer, a PDA (personal digital
assistant) and the like that the user of the hot-spot service uses,
and executes radio communication with the access-point 1 inside the
hot-spot 8. FIG. 1 shows one client 2. However, a plurality of
clients 2 can simultaneously execute radio connection with the
access-point 1.
[0030] The display unit 4a and the display unit 4b are provided
inside the hot-spot 8. The display unit 4a is a large display
device, which is installed at a position which cannot be seen from
the outside of the shop or store offering the hot-spot service. The
display unit 4a is directly connected to the control unit 3,
executes communication with the control unit 3, and shows various
information to the user.
[0031] An intercom 5 executes communication with the control unit 3
to allow various kinds of received information to be displayed on
the display unit 4b. The display unit 4b is a small display device
installed on a table or the like that the user uses.
[0032] The control unit 3 has a control function of controlling
radio communication means which the access-point 1 comprises, and
conducting radio communication with the client 2. The control
function controls radio connection with the client 2 by conducting
authentication in accordance with protocol based on IEEE 802.11 and
measuring the radio communication time.
[0033] Next, operations of the wireless LAN system having the
above-described configuration will be explained. FIG. 2 shows a
flowchart of the operations to explain the processing of the
access-point 1 and that of the client 2. The software for the
processing executed by the access-point 1 is stored in a memory
unit of the control unit 3. The program for the processing executed
by the client 2 is stored in a memory unit inside the client 2.
[0034] The processings shown in FIG. 2 are based on the WEP, using
no high-level encryption software. The processings prevent
unauthorized access by regularly changing a password which is
required when the client 2 establishes radio communication with the
access-point 1.
[0035] The access-point 1 prestores an initial password and an
ESSID (enhanced service set identifier) assigned to the client 2 as
initial setting data (step s1-1). In the following explanation, for
example, one hour is set in the access-point 1 as the service limit
time.
[0036] If the user operates the client 2 and inputs a command to
start up the wireless LAN communication, the client 2 starts up the
wireless LAN driver software built therein. The client 2 is
operated by the software to request the user to input the initial
password of WEP "PWORD" and ESSID "HSPOT". The user is
preliminarily notified of the initial password and the ESSID by a
service provider, at the purchase of the service.
[0037] When the initial password and the ESSID are input through a
keyboard or the like, the client 2 stores these information items,
and controls the radio communication means of the client 2 in the
steps of WEP on the basis of the stored information items to
attempt radio connection to the access-point 1 (step s1).
[0038] The client 2 thereby transmits a radio signal and requests
the access-point 1 to connect to the client 2. The radio signal is
packetized and the ESSID is included in header information of the
radio signal.
[0039] When the access-point 1 receives the radio signal, the
control unit 3 executes decryption processing of the encrypted
packet data in predetermined steps of WEP (step s2). In the
decryption processing, the control unit 3 attempts decryption of
the packet data transmitted from the client 2 with the initial
password.
[0040] If the control unit 3 succeeds in decrypting the packet
data, the control unit 3 recognizes the client 2 as an authorized
user, reads the ESSID out of the header information of the packet
data and stores the ESSID.
[0041] The control unit 3 permits the client 2 to log on to the
wireless LAN system, establishes a communication link with the
client 2, and starts measuring the radio communication time (step
s3).
[0042] When the communication link is established in this
procedure, the client 2 starts up the WEB browser software and
executes communication with the server 7 connected to Internet 6
via the communication link and the access-point 1.
[0043] Thus, the client 2 downloads plug-in software P from the
server 7 and executes the downloaded plug-in software P (step s4).
The client 2 can therefore download various kinds of data and
application software from the server 7.
[0044] On the other hand, the access-point 1 monitors a measurement
result of the radio communication time started in step s3 by the
control unit 3. Every time a predetermined time (for example, 15
minutes) has passed, the access-point 1 sends display data to
display the contents shown in FIG. 3 to the display unit 4a and the
intercom 5 (step s5).
[0045] The display data notifies a new password and announces that
the radio communication will be ended unless the communication is
executed by changing the current password to a new password. It is
preferable that this announcement should attract the user by
blinking the displayed contents, emitting sounds such as chimes
synchronously with the displayed contents, or generating vibration
by a vibrator.
[0046] When this announcement has been ended, the control unit 3
sets a remaining time to change the current password to the new
password at, for example, five minutes and starts countdown of the
remaining time. During the remaining time, the control unit 3
executes the processing of attempting decryption of the packet data
received from the client 2, with the current password and the new
password.
[0047] The client 2 accepts the input of the new password from the
user. The accepted password is set in the driver software. After
that, the client 2 executes transmission and reception of the
packet data encrypted with the new password with the client 2 (step
s6).
[0048] The control unit 3 discriminates whether the packet data
received from the client 2 could be decrypted with a new password
(step s7). If the packet data could be decrypted, the control unit
3 executes transmission and reception of the packet data encrypted
with the new password, even in the remaining time.
[0049] In a case where the remaining time has passed, the control
unit 3 executes transmission and reception of the packet data
encrypted with the new password.
[0050] Therefore, even if an unauthorized user steals the password
and logs on to the wireless LAN system, he cannot make unauthorized
use after a predetermined time has passed since the control unit 3
changes the password every time the predetermined time passes. The
password is updated in the above description, but the ESSID may be
updated instead.
[0051] After that, the control unit 3 discriminates whether the
radio communication time measured in step s3 has passed one hour
(step s8). If the radio communication time has not passed one hour,
the control unit 3 shifts to step s5 and continues the processing.
If the radio communication time has passed one hour, the control
unit 3 disconnects the communication link with the client 2 (step
s9).
[0052] Thus, the radio communication time is monitored, and the
communication link is disconnected when a predetermined time has
passed. Therefore offering the service can be managed exactly and
the unauthorized user's long-time use can be prevented.
[0053] Next, a wireless LAN system according to a second embodiment
of the present invention will be explained. The wireless LAN system
is apparently the same as that shown in FIG. 1.
[0054] FIG. 4 shows a flowchart of operations of the wireless LAN
system.
[0055] The flowchart indicates the processing of the access-point 1
and that of the client 2. The software for the processing executed
by the access-point 1 is stored in a memory unit of the control
unit 3.
[0056] Plug-in software P of the processing executed by the client
2 is small-scale software and is lent only to the client 2 of the
service user by an administrator of the hot-spot service.
[0057] The plug-in software P is preinstalled in the client 2.
Otherwise, the software may be first stored in the memory unit of
the control unit 3, and may be provided to the client 2 by the
control unit 3 when the client 2 connects to the access-point
1.
[0058] The plug-in software P is operated synchronously with the
access-point 1 by referring to an internal clock of the client 2.
The software interpolates the control of the wireless LAN with a
WEB browser, an e-mail control program and the like installed in
the client 2.
[0059] The plug-in software P executes the radio communication
processing in the steps of WEP. In addition, when log-in is ended,
the plug-in software P starts measuring the radio communication
connection time by referring to the internal clock, and allows the
display unit of the client 2 to display the announcement of
disconnection. If predetermined procedures of updating are executed
within a determined period, the plug-in software P disconnects the
radio communication.
[0060] For this reason, the plug-in software P has the following
functions:
[0061] (1) WEP steps and setting the password in cooperation with
the wireless LAN driver;
[0062] (2) allowing the announcement of disconnection of the
communication to be displayed;
[0063] (3) measuring the radio communication time;
[0064] (4) disconnecting the communication link with the
access-point 1; and
[0065] (5) storing the hot-spot service time.
[0066] The wireless LAN system according to the second embodiment
will be explained below with reference to FIG. 4.
[0067] The access-point 1 prestores an initial password and an
ESSID assigned to the client 2 as initial setting data (step
s41-1). In the following explanation, for example, one hour is set
in the access-point 1 as the service limit time.
[0068] If the user operates the client 2 and inputs a command to
start up the wireless LAN communication, the client 2 starts up the
wireless LAN driver software built therein. The client 2 is
operated by the software to request the user to input the initial
password of WEP "PWORD", and "HSPOT" as the ESSID.
[0069] The user is preliminarily notified of the initial password
and the ESSID, by a service provider, at the purchase of the
service. The plug-in software P is preinstalled in the client
2.
[0070] When the initial password and the ESSID are input through a
keyboard or the like, the client 2 stores these information items,
and controls the radio communication means of the client 2 in the
steps of WEP on the basis of the stored information items to
attempt radio connection to the access-point 1 (step s41).
[0071] The client 2 thereby transmits a radio signal and requests
the access-point 1 to connect to the client 2. The radio signal is
packetized and the ESSID is included in header information of the
radio signal.
[0072] When the access-point 1 receives the radio signal, the
control unit 3 executes the decryption processing of the encrypted
packet data in predetermined steps of WEP (step s42). In the
decryption processing, the control unit 3 attempts decryption of
the packet data transmitted from the client 2 with the initial
password.
[0073] If the control unit 3 succeeds in decrypting the packet
data, the control unit 3 recognizes the client 2 as an authorized
user, reads the ESSID out of the header information of the packet
data and stores the ESSID. The access-point 1 does not notify the
client 2 of termination of the authentication or the like. If the
control unit 3 fails the authentication processing, the user resets
a correct password.
[0074] The control unit 3 permits the client 2 to log on to the
wireless LAN system, establishes a communication link with the
client 2, and starts measuring the radio communication time (step
s43-1).
[0075] When the communication link is established in this
procedure, the client 2 starts up the WEB browser software and
executes communication with the server 7 connected to Internet 6
via the communication link and the access-point 1. The client 2 can
therefore download various kinds of data and application software
from the server 7.
[0076] The client 2 starts up the plug-in software P. The client
2-starts measuring the radio communication time with the plug-in
software P thus started (step s43).
[0077] The client 2 monitors a measurement result of the radio
communication time started in step s43 with the plug-in software P.
Every time a predetermined time (for example, 15 minutes) has
passed, the client 2 discriminates that the time five minutes
before the password changing time has come.
[0078] At the time five minutes before the password changing time,
an announcement display 10 is shown on the display unit 2a of the
client 2 as a pop-up display as shown in FIG. 5, and countdown of
the remaining time to the password changing time is started (step
s44-1). The announcement display 10 indicates that the radio
communication link with the access-point 1 will be disconnected if
the password is not changed during the remaining time of five
minutes.
[0079] On the other hand, the access-point 1 monitors a measurement
result of the radio communication time started in step s43-1 by the
control unit 3. Every time a predetermined time (for example, 15
minutes) has passed, the access-point 1 sends display data to
display the contents shown in FIG. 6 to the display unit 4a and the
intercom 5 (step s44).
[0080] The display data announces a new password, but does not
include the password. It is preferable that this
announcement-should attract the user by blinking the displayed
contents, emitting sounds such as chimes on the display, or
generating vibration by a vibrator.
[0081] When this announcement has been ended, the control unit 3
sets a remaining time to change the current password to the new
password at, for example, five minutes and starts countdown of the
remaining time. During the remaining time, the control unit 3
executes the processing of attempting decryption of the packet data
received from the client 2, with the current password and the new
password.
[0082] The client 2 makes the display unit 2a execute displaying to
urge the user to input the new password, by the plug-in software P
that is being executed, and accepts the input of the new password
from the user.
[0083] The accepted password is set in the driver software. After
that, the client 2 executes transmission and reception of the
packet data encrypted with the new password with the client 2 (step
s45).
[0084] In addition, the client 2 monitors the time to pass until
the password is input, with the plug-in software P (step s46). If
the password is input within five minutes, the client 2 shifts to
step s48. If the password is not input within five minutes, the
client 2 shifts to step s49.
[0085] In step s48, the client 2 discriminates whether the radio
communication time measured in step s43 has passed one hour, with
the plug-in software P. If the radio communication time has not
passed one hour, the client 2 shifts to step s44-1 and continues
the processing. If the radio communication time has passed one
hour, the client 2 shifts to step s49.
[0086] In step s49, the client 2 disconnects the communication link
with the access-point 1, with the plug-in software P. In addition,
the client 2 uninstalls the plug-in software P.
[0087] Thus, the radio communication time is monitored. Every time
a predetermined time passes, inputting of the new password is
requested. The communication link is disconnected when the
predetermined time has passed. Therefore offering the service can
be managed exactly and the unauthorized user's long-time use can be
prevented.
[0088] At the access-point 1, the control unit 3 discriminates
whether the packet data received from the client 2 could be
decrypted with the new password (step s47). If the packet data
could be decrypted, the control unit 3 executes transmission and
reception of the packet data encrypted with the new password, even
in the remaining time. In a case where the remaining time has
passed, the control unit 3 executes transmission and reception of
the packet data encrypted with the new password.
[0089] Therefore, even if an unauthorized user steals the password
and logs on to the wireless LAN system, he cannot make unauthorized
use after a predetermined time has passed since the control unit 3
changes the password every time the predetermined time passes.
[0090] Since the new password is notified by the display units 4a
and 4b, an authorized user existing outside the shop or store
offering the hot-spot service cannot acquire the new password. The
password is updated in the above description, but the ESSID may be
updated instead.
[0091] After that, the control unit 3 discriminates whether the
radio communication time measured in step s43-1 has passed one hour
(step s48-1). If the radio communication time has not passed one
hour, the control unit 3 shifts to step s44 and continues the
processing. If the radio communication time has passed one hour,
the control unit 3 disconnects the communication link with the
client 2 (step s49-1).
[0092] Thus, the radio communication time is monitored, and the
communication link is disconnected when a predetermined time has
passed. Therefore offering the service can be managed exactly and
the unauthorized user's long-time use can be prevented.
[0093] In addition, in a case where the plug-in software P of the
client 2 is downloaded from the access-point 1 at the start of
connection and executed, the user does not need to prepare the
software, and the software has much convenience.
[0094] If a password abbreviating/registering function is added,
the password can be easily set for the wireless LAN driver. In
other words, the access-point 1 and the plug-in software P comprise
a common password abbreviation table. The password abbreviation
table corresponds to an abbreviated number and a password character
string.
[0095] In password notification (step s44) using the display units
4a and 4b, the abbreviated number is notified. If the user inputs
the abbreviated number, the client 2 detects the password
corresponding to the input abbreviated number in the password
abbreviation table, in accordance with the plug-in software P, and
sets the detected password in the wireless LAN driver.
[0096] The access-point 1 attempts reception of the signal
encrypted with the password corresponding to the notified
abbreviated number. Thus, the user can easily input the password.
In addition, even if an unauthorized user steals the abbreviated
number, he cannot use the wireless LAN system since the abbreviated
number is not the password.
[0097] In the above descriptions, each of the access-point 1 and
the client 2 executes the processing associated with the password
change every fifteen minutes after the radio communication is
started. Instead, for example, the access-point 1 and the client 2
may measure the radio communication time, store a table in which
the time and password correspond to each other as shown in FIG. 7,
and automatically change the password in accordance with the time
to execute the communication.
[0098] In this case, the announcement is not made to the user by
the access-point 1 at the time of updating the password, but is
made on the client 2 by the plug-in software P. If the user does
not input the password within a predetermined time (for example,
five minutes), the communication link with the access-point 1 is
disconnected by the plug-in software P.
[0099] The wireless LAN system of automatically updating the
password in response to the time in the above procedure will be
explained below as a third embodiment of the present invention. The
wireless LAN system of this embodiment is apparently the same as
that shown in FIG. 1. FIG. 8 shows a flowchart of operations of the
wireless LAN system.
[0100] The flowchart indicates the processing of the access-point 1
and that of the client 2. The software for the processing executed
by the access-point 1 is stored in a memory unit of the control
unit 3.
[0101] Plug-in software P of the processing executed by the client
2 is small-scale software and is lent only to the client 2 of the
service user by an administrator of the hot-spot service.
[0102] The plug-in software P includes passwords corresponding to a
plurality of times shown in FIG. 7 as a password table. The plug-in
software P is preinstalled in the client 2.
[0103] The plug-in software P is operated synchronously with the
access-point 1 by referring to an internal clock of the client 2.
The software interpolates the control of the wireless LAN with a
WEB browser, an e-mail control program and the like installed in
the client 2.
[0104] The plug-in software P executes the communication processing
in the steps of WEP. When log-in is ended, the plug-in software P
requests the user to reset the password in response to the time by
referring to the internal clock, starts measuring the communication
connection time, and allows the display unit of the client 2 to
display the announcement of disconnection. In addition, if
predetermined procedures of updating are executed within a
determined period, the plug-in software P disconnects the
communication.
[0105] For this reason, the plug-in software P has the following
functions:
[0106] (1) WEP steps and setting the password in cooperation with
the wireless LAN driver;
[0107] (2) allowing the announcement of disconnection of the
communication to be displayed;
[0108] (3) measuring the radio communication time;
[0109] (4) disconnecting the communication link with the
access-point 1; and
[0110] (5) storing the hot-spot service time.
[0111] The wireless LAN system according to the second embodiment
will be explained below with reference to FIG. 8. In the following
explanation, the service is offered for one hour. In accordance
with this, the plug-in software P responding to the service time
(one hour) is lent by the administrator of the hot-spot service, in
return for the ID such as the MAC address and the like of the
client 2.
[0112] The access-point 1 prestores an ESSID assigned to the client
2. The access-point 1 also stores the password table included in
the plug-in software P. The control unit 3 executes initial setting
of the password corresponding to the current time by referring to
the password table (step s81-1).
[0113] The plug-in software P is installed in the client 2 (step
s81). The client 2 starts up the plug-in software P. Using the
plug-in software P, the client 2 sets the ESSID and executes the
initial setting of the password corresponding to the current time
by referring to the password table.
[0114] For example, it is assumed that the current time is nine
forty-five in a case where the password table shown in FIG. 7 is
included in the plug-in software P. "WORD1" is set as the password
in the wireless LAN driver. At this time, the control unit 3 also
sets "WORD1" as the password.
[0115] When the user operates the client 2 and inputs a command to
start up the wireless LAN communication, the client 2 starts up the
built-in wireless LAN driver software. The client 2 executes the
operation by the software, controls the radio communication means
provided in the client 2 in the steps of WEP, and attempts radio
connection to the access-point 1.
[0116] The client 2 thereby transmits a radio signal and requests
the access-point 1 to connect to the client 2. The radio signal is
packetized and the ESSID is included in header information of the
radio signal.
[0117] When the access-point 1 receives the radio signal, the
control unit 3 executes the decryption processing of the encrypted
packet data in predetermined steps of WEP (step s82). In the
authentication processing, the control unit 3 attempts decryption
of the packet data transmitted from the client 2 with the password
set in step s81-1.
[0118] If the control unit 3 succeeds in decrypting the packet
data, the control unit 3 recognizes the client 2 as an authorized
user, reads the ESSID out of the header information of the packet
data and stores the ESSID. The access-point 1 does not notify the
client 2 of termination of the authentication or the like. If the
control unit 3 fails the authentication processing, the user resets
a correct password.
[0119] The control unit 3 permits the client 2 to log on to the
wireless LAN system, establishes a communication link with the
client 2, and starts measuring the radio communication time (step
s83-1).
[0120] When the communication link is established in this
procedure, the client 2 starts up the WEB browser software and
executes communication with the server 7 connected to Internet 6
via the communication link and the access-point 1.
[0121] The client 2 can therefore download various kinds of data
and application software from the server 7. The client 2 starts
measuring the radio communication time by the plug-in software P
(step s83).
[0122] The client 2 monitors a measurement result of the radio
communication time started in step s83, with the plug-in software
P. The client 2 discriminates, five minutes before the password is
changed, whether the time remaining by subtracting the measurement
result from the service time (one hour) is more than a
predetermined time (for example, fifteen minutes) (step s84).
[0123] If the remaining time is more than the predetermined time,
the client 2 shifts to step s88. If the remaining time is not, the
client 2 shifts to step s85.
[0124] In step s85, the client 2 allows an announcement display 10
to be shown on the display unit 2a of the client 2 as a pop-up
display as shown in FIG. 9, by the plug-in software P, five minutes
before the end of the service.
[0125] The announcement display 10 indicates that the radio
communication link with the access-point 1 will be disconnected if
an extension command to request extension of the service time is
not input during the remaining time of five minutes. In FIG. 9, the
extension command is shown as "AZ".
[0126] In step s86, the client 2 discriminates whether the
extension command is input, by the plug-in software P. If the
extension command is input, the client 2 shifts to step s87. If the
extension command is not input, the client 2 shifts to step
s95.
[0127] In step s87, the client 2 executes radio transmission of the
extension command to the access-point 1, by the plug-in software P.
The client 2 shifts to step s88.
[0128] In step s88, the client 2 sets the password corresponding to
the current time by referring to the password table, with the
plug-in software P. The client 2 shifts to step s83.
[0129] In step s88, the client 2 disconnects the communication link
with the access-point 1, with the plug-in software P. In addition,
the client 2 uninstalls the plug-in software P.
[0130] On the other hand, in step s89, the control unit 3 monitors
whether the extension command is included in the receive signal
from the client 2. If the extension command is included in the
receive signal, the control unit 3 shifts to step s90 to extend the
service time. If the extension command is not included in the
receive signal, the control unit 3 shifts to step s91.
[0131] In step s91, the control unit 3 monitors a measurement
result of the radio communication time started in step s83-1, and
discriminates whether the time remaining by subtracting the
measurement result from the service time is more than a
predetermined time (for example, fifteen minutes). If the remaining
time is more than the predetermined time, the control unit 3 shifts
to step s92. If the remaining time is not, the control unit 3
shifts to step s94.
[0132] In step s92, the control unit 3 sets the password
corresponding to the current time by referring to the password
table. Then, the control unit 3 shifts to step s93.
[0133] In step s93, the control unit 3 executes the decryption
processing of the encrypted packet data with the password set in
step s92. If the control unit 3 succeeds the decryption, the
control unit 3 shifts to step s89 and continues the
communication.
[0134] If the control unit 3 fails the decryption, the control unit
3 shifts to step s94 and disconnects the communication link with
the client 2.
[0135] In the wireless LAN system having the above-described
configuration, the common password table is built in the
access-point 1 and the client 2, and the communication is executed
with the password changed in response to the current time.
[0136] For this reason, even if an unauthorized user temporarily
executes radio connection with the access-point 1, the password is
changed and the radio communication is disconnected after a certain
time has passed. The unauthorized user's long-time use can be
thereby prevented. In addition, since the user does not need to
update the password in accordance with passage of the time, this
wireless LAN system has much convenience.
[0137] In the third embodiment, the access-point 1 and the client 2
decrypt the received packet data with the current password and the
new password from the time fives minutes before the password
changing time. By setting this lead time in the access-point 1 and
the client 2, the password can be changed smoothly.
[0138] Next, FIG. 10 shows a modified example of the flowchart
shown in FIG. 8. A wireless LAN system of executing the processing
of FIG. 10 will be explained below as a fourth embodiment of the
present invention. In the following descriptions, different points
to the wireless LAN system of the third embodiment will be
particularly explained. The wireless LAN system of the fourth
embodiment is apparently the same as that shown in FIG. 1.
[0139] In the wireless LAN system of the fourth embodiment,
disconnection of the radio communication link is not executed by
the client 2, but by the access-point 1. In other words, the client
2 of the fourth embodiment does not execute the processing of step
s95 shown in FIG. 8.
[0140] If the user does not input the extension command, the client
2 in step s86 shifts to step s88. If the user inputs the extension
command, the client 2 shifts to step s87.
[0141] In step s87, the client 2 executes the radio transmission of
the extension command for the access-point 1, by the plug-in
software P, and shifts to step s88. The client 2 encrypts the
extension command with the new password and transmits the encrypted
command.
[0142] For example, if the current time is ten fifty-five and the
remaining service time is five minutes, the client 2 shifts to step
s86 through steps s84 and s85. In step 86, if the user shows an
intention to extend the time, the client 2 shifts to step s87.
[0143] In step s87, the client 2 detects "WORD7" in the password
table as the new password, by referring to the fact that the
current time is ten fifty-five. The client 2 encrypts the extension
command with the new password "WORD7" and transmits the encrypted
extension command.
[0144] In the access-point 1, the control unit 3 decrypts the
extension command with the new password "WORD7" and the service
time is extended.
[0145] If the user does not show an intention to extend the time in
step s86, the access-point 1 shifts to step s88. When the time to
set the new password comes, the new password is set, and the packet
data is received and transmitted with the new password.
[0146] In this case, however, the access-point 1 does not receive
the extension command. When the remaining time is shorter than five
minutes, the access-point 1 shifts to step s94. When it is eleven
o'clock, the access-point 1 disconnects the communication link.
[0147] The access-point 1 may disconnect the connection with the
client 2 that does not request extension of the service time, in
the other procedure. For example, step s92 of FIG. 8 may be omitted
and the client 2 may set the new password as it is and transmit the
packet.
[0148] According to this procedure, if the client 2 requests
extension of the service time, the client 2 transmits the command
"AZ" with the current password ("WORD6" if it is ten fifty-five) in
step s87, similarly to FIG. 8.
[0149] If the client 2 does not request extension of the service
time, the access-point 1 shifts from step s91 to step s94 since the
access-point 1 does not receive the extension command. When it is
eleven o'clock, the access-point 1 disconnects the communication
link with the client 2.
[0150] Next, a wireless LAN system according to a fifth embodiment
of the present invention will be explained below. In the wireless
LAN system of this embodiment, the packet data of the format shown
in FIG. 11 is transmitted and received between the access-point 1
and the client 2.
[0151] In FIG. 11, pa, ph, mf, df, and ff represent PLCP preamble,
PLCP header, MAC frame, data frame, FCS frame, respectively.
[0152] In the WEP, the password is set in the MAC frame mf. The
authentication procedure of the wireless LAN system is executed by
the wireless LAN driver. The plug-in software P executed by the
client 2, according to this embodiment, is constructed to input the
password even when the software accesses Web with the WEP password
by the WEB browser.
[0153] In addition, in this embodiment, the ESSID and password of
the WEP are set at the initial stage of using the hot-spot service.
After that, the communication is executed without changing the
ESSID and password. The password used by the plug-in software P is
changed instead of the authentication using the WEP, to control
disconnection of the communication link.
[0154] For this reason, for example, a password setting area of
five Alphabetical and numerical characters is set at the head of
the data frame df shown in FIG. 11. A portion following the
password setting area is encrypted by scrambling using the password
as a key.
[0155] In the following explanation, this password is called
password S to distinguish it from the WEP password. The password S
is changed on the basis of the password table corresponding to the
time.
[0156] The password table is stored in each of the control unit 3
of the access-point 1 and the plug-in software P of the client 2.
An example of the password table is shown in FIG. 12.
[0157] The wireless LAN system is apparently the same as that shown
in FIG. 1. FIG. 13 shows a flowchart of operations of the wireless
LAN system. The operations of the wireless LAN system according to
the fifth embodiment will be explained with reference to FIG.
13.
[0158] The flowchart indicates the processing of the access-point 1
and that of the client 2. The software for the processing executed
by the access-point 1 is stored in a memory unit of the control
unit 3.
[0159] The plug-in software P of the processing executed by the
client 2 is small-scale software and is lent only to the client 2
of the service user by an administrator of the hot-spot
service.
[0160] The plug-in software P is operated synchronously-with the
access-point 1 by referring to an internal clock of the client 2.
The software interpolates the control of the wireless LAN with a
WEB browser, an e-mail control program and the like installed in
the client 2.
[0161] The access-point 1 prestores the ESSID assigned to the
client 2. In addition, access-point 1 stores the password table
included in the plug-in software P. The control unit 3 refers to
the password table to execute the initial setting of the password
corresponding to the current time (step s201-1).
[0162] The plug-in software P is installed in the client 2 (step
s201). The client 2 starts up the plug-in software P. Using the
plug-in software P, the client 2 sets the ESSID and executes the
initial setting of password S corresponding to the current time by
referring to the password table.
[0163] For example, it is assumed that the current time is nine
forty-five in a case where the password table shown in FIG. 12 is
included in the plug-in software P. "LANPA" is set as the password
S in the wireless LAN driver. At this time, the control unit 3 also
sets "LANPA" as the password S.
[0164] When the user operates the client 2 and inputs a command to
start up the wireless LAN communication, the client 2 starts up the
built-in wireless LAN driver software. The client 2 executes the
operation by the software, controls the radio communication means
provided in the client 2 in the steps of WEP, and attempts radio
connection to the access-point 1.
[0165] The client 2 thereby transmits a radio signal and requests
the access-point 1 to connect to the client 2. The radio signal is
packetized and the ESSID is included in header information of the
radio signal.
[0166] When the access-point 1 receives the radio signal, the
control unit 3 executes the decryption processing of the encrypted
packet data in predetermined steps of WEP (step s202). In the
decryption processing, the control unit 3 attempts decryption of
the packet data transmitted from the client 2 with the password S
set in step s201-1.
[0167] If the control unit 3 succeeds in decrypting the packet
data, the control unit 3 recognizes the client 2 as an authorized
user, reads the ESSID out of the header information of the packet
data and stores the ESSID. The access-point 1 does not notify the
client 2 of termination of the authentication or the like. If the
control unit 3 fails the authentication processing, the user resets
a correct password S.
[0168] The control unit 3 permits the client 2 to log on to the
wireless LAN system, establishes a communication link with the
client 2, and starts measuring the radio communication time (step
s203-1).
[0169] The control unit 3 decrypts the data frame df, of the
received packet data, with the password S. The control unit 3 sets
"LANPA" as the password S at the head of the data frame df of the
packet data to be transmitted, scrambles the following data of the
data frame df with the password S, and transmits the packet
data.
[0170] When the communication link is established in this
procedure, the client 2 starts up the WEB browser software and
executes communication with the server 7 connected to Internet 6
via the communication link and the access-point 1.
[0171] The client 2 can therefore download various kinds of data
and application software from the server 7. The client 2 starts
measuring the radio communication time by the plug-in software P
(step s203).
[0172] The client 2 decrypts the data frame df, of the received
packet data, with the password S. The client 2 sets "LANPA" as the
password S at the head of the data frame df of the packet data to
be transmitted, scrambles the following data of the data frame df
with the password S, and transmits the packet data.
[0173] In the access-point 1, the control unit 3 monitors a
measurement result of the radio communication time started in step
s203-1. The control unit 3 discriminates, five minutes before the
password S is changed, whether the time remaining by subtracting
the measurement result from the service time (one hour) is more
than a predetermined time (for example, fifteen minutes) (step
s204).
[0174] If the remaining time is more than the predetermined time,
the control unit 3 shifts to step s213. If the remaining time is
not, the control unit 3 shifts to step s205.
[0175] In step s205, the control unit 3 transmits the display data
to allow an announcement display 10 to be shown on the display unit
2a of the client 2 as a pop-up display as shown in FIG. 9, five
minutes before the end of the service.
[0176] The announcement display 10 indicates that the radio
communication link with the access-point 1 will be disconnected if
an extension command to request extension of the service time is
not input during the remaining time of five minutes. In FIG. 9, the
extension command is shown as "AZ".
[0177] In step s206, the client 2 discriminates whether the display
data is received, by the plug-in software P. If the display data is
received, the client 2 shifts to step s207. If the display data is
not received, the client 2 shifts to step s210.
[0178] In step s207, the client 2 allows the announcement display
10 to be shown on the display unit 2a of the client 2 as a pop-up
display as shown in FIG. 9, by the plug-in software P. The client 2
shifts to step s208.
[0179] In step s208, the client 2 discriminates whether the
extension command is input with the plug-in software P. If the
extension command is input, the client 2 shifts to step s209.
[0180] In step s209, the client 2 executes radio transmission of
the extension command for the access-point 1, with the plug-in
software P and shifts to step s210.
[0181] In step s210, the client 2 sets the password corresponding
to the current time by referring to the password table, with the
plug-in software P and shifts to step s206.
[0182] For example, if the current time is nine fifty-five, the
client 2 changes the password S "LANPW" to "LANP2" and sets the new
password, by referring to the password table.
[0183] In step s211, the control unit 3 monitors whether the
extension command is included in the signal received from the
client 2. If the extension command is included in the received
signal, the control unit 3 shifts to step s212 and extends the
service time. If the extension command is not included in the
received signal, the control unit 3 shifts to step s215.
[0184] In step s213, the control unit 3 sets the password
corresponding to the current time by referring to the password
table, and shifts to step s214.
[0185] In step s214, the control unit 3 executes the decryption
processing of the encrypted packet data by using the password set
in step s213, for client 2. If the control unit 3 succeeds the
decryption, the control unit 3 shifts to step s204, continues the
communication and waits for a timing of changing a next password
S.
[0186] If the control unit 3 fails the decryption, the control unit
3 discriminates an unauthorized access, shifts to step s215 and
disconnects the communication link with the client 2.
[0187] In the access-point 1, the control unit 3 also executes the
above-explained processing for the other clients. The client is
identified with its ID (identification information) such as the MAC
address and the like.
[0188] In the wireless LAN system having the above-described
configuration, the common password table is built in the
access-point 1 and the client 2, and the communication is executed
while the password S which is to be a scramble key is changed in
response to the current time.
[0189] For this reason, even if an unauthorized user temporarily
executes radio connection with the access-point 1, the password is
changed and the radio communication is disconnected after a certain
time has passed. The unauthorized user's long-time use can be
thereby prevented. In addition, since the user does not need to
update the password in accordance with passage of the time, this
wireless LAN system has much convenience.
[0190] In the fifth embodiment, the access-point 1 and the client 2
decrypt the received packet data with the current password and the
new password from the time fives minutes before the password
changing time. By setting this lead time in the access-point 1 and
the client 2, the password can be changed smoothly.
[0191] In the above-explained embodiments, the wireless LAN system
using the WEP steps is explained. However, the present invention is
not limited to the steps, but the same advantage can be obtained by
applying the present invention to a wireless LAN system using the
other steps or the other radio communication system.
[0192] The present invention is not limited to the embodiments
described above but the constituent elements of the invention can
be modified in various manners without departing from the spirit
and scope of the invention. Various aspects of the invention can
also be extracted from any appropriate combination of a plurality
of constituent elements disclosed in the embodiments. Some
constituent elements may be deleted in all of the constituent
elements disclosed in the embodiments. The constituent elements
described in different embodiments may be combined arbitrarily.
[0193] Additional advantages and modifications will readily occur
to those skilled in the art. Therefore, the invention in its
broader aspects is not limited to the specific details and
representative embodiments shown and described herein. Accordingly,
various modifications may be made without departing from the spirit
or scope of the general inventive concept as defined by the
appended claims and their equivalents.
* * * * *